FTPd CWD Command Account Enumeration
Medium Nessus Plugin ID 10082
SynopsisThe remote FTP server is vulnerable by an account-enumeration attack.
DescriptionIt is possible to determine the existence of a user on the remote system by issuing the command CWD ~<username>.
An attacker may use this to determine the existence of known to be vulnerable accounts (like guest) or to determine which system you are running.
SolutionThere is no known solution at this time.